Accepting request 1254138 from devel:languages:python:django

OBS-URL: https://build.opensuse.org/request/show/1254138 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Django?expand=0&rev=127
- Update to 5.1.7 (bsc#1239052)
2025-03-20 18:24:28 +00:00 · 2025-03-18 13:18:43 +00:00 · 2025-02-11 20:20:19 +00:00 · 2025-02-11 14:13:37 +00:00 · 2025-01-17 17:36:51 +00:00 · 2025-01-15 12:08:37 +00:00
7 changed files with 175 additions and 75 deletions
--- a/Django-5.1.1.checksum.txt
+++ b/Django-5.1.1.checksum.txt
@ -1,67 +0,0 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA256
 This file contains MD5, SHA1, and SHA256 checksums for the source-code
 tarball and wheel files of Django 5.1.1, released September 3, 2024.
 To use this file, you will need a working install of PGP or other
 compatible public-key encryption software. You will also need to have
 the Django release manager's public key in your keyring. This key has
 the ID ``2EE82A8D9470983E`` and can be imported from the MIT
 keyserver, for example, if using the open-source GNU Privacy Guard
 implementation of PGP:
    gpg --keyserver pgp.mit.edu --recv-key 2EE82A8D9470983E
 or via the GitHub API:
    curl https://github.com/nessita.gpg | gpg --import -
 Once the key is imported, verify this file:
    gpg --verify Django-5.1.1.checksum.txt
 Once you have verified this file, you can use normal MD5, SHA1, or SHA256
 checksumming applications to generate the checksums of the Django
 package and compare them to the checksums listed below.
 Release packages
 ================
 https://www.djangoproject.com/m/releases/5.1/Django-5.1.1.tar.gz
 https://www.djangoproject.com/m/releases/5.1/Django-5.1.1-py3-none-any.whl
 MD5 checksums
 =============
 8024c23d7efe9e7acb04496ae22739c7  Django-5.1.1.tar.gz
 7782d604d5b7cbb56e6b7da90595b6fa  Django-5.1.1-py3-none-any.whl
 SHA1 checksums
 ==============
 8dedfc247c7bf010c93c5e5e30bca2012704a7ce  Django-5.1.1.tar.gz
 a038998584b227243ae6c1d29b3e7c2a166db918  Django-5.1.1-py3-none-any.whl
 SHA256 checksums
 ================
 021ffb7fdab3d2d388bc8c7c2434eb9c1f6f4d09e6119010bbb1694dda286bc2  Django-5.1.1.tar.gz
 71603f27dac22a6533fb38d83072eea9ddb4017fead6f67f2562a40402d61c3f  Django-5.1.1-py3-none-any.whl
 -----BEGIN PGP SIGNATURE-----
 iQJcBAEBCABGFiEEW1sboQ2FrHxcduOPLugqjZRwmD4FAmbXARwoHDEyNDMwNCtu
 ZXNzaXRhQHVzZXJzLm5vcmVwbHkuZ2l0aHViLmNvbQAKCRAu6CqNlHCYPmSPEACs
 vwz2HvzWF+YpeXx1jLQJ6/JdQjmRPT/6pp+r0GW6KG6UqmawMsvRSX/k4zdvceYx
 c7SVAIJwWNwZsPHbrjetGAI1NbAoWYxl8soCTIMR9A0mSlZebBSHb0+oUMQcwiZ5
 E4OMBv7QYYo8QVGs1KH1dMx4Unn+5VlAlaxo9BOa94PtCzUWxsIuji+yv1uKDVVa
 BQivwy0ZuzBPMkHHaTAb5byWtsbLFhHeXkWirEzivecIVxvd88mO1GXh5zY3wjRW
 UKLHQCNT6e3s7UB/ZS7IsQp7bPCmFfLsVp8+8pbABXqYHn6rM4/VCLhN06s/xVID
 DSPkqNQz39gRbn5UNVSTLVNv/yoQ6crIHw9AiRECrJ3UaRzeDcQStnmxJx92duDr
 bDLnmTI0Sx7+hqQjNOrGCFg6vO8ZVosxOgM/FgbXDKyA+FqtfbdR+/tW9KKtunPy
 AHs87A6VqYMRzyTvRChzVpKKYrdMckjRUuyrogQJEuE5VJ0o5579FxBy9OekA3km
 FTscEn8GiC4EZTR48IWSsNOCYn7VjihHvZGo4eO0uZRYFChTKc6Sah7p+i41XV1W
 FLhOqCqF/4Kl6u3dWkWPAnm8mmWDsARpGbAoxCkd8AJtlR0nScdYuwOshlpixIVa
 XgUJwJ3rzCSTd35tq+sF7y3WT3bPyUl/DwkuJVHhFA==
 =i1OF
 -----END PGP SIGNATURE-----
--- a/Django-5.1.1.tar.gz
+++ b/Django-5.1.1.tar.gz
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:021ffb7fdab3d2d388bc8c7c2434eb9c1f6f4d09e6119010bbb1694dda286bc2
 size 10675933
--- a/Django-5.1.7.checksum.txt
+++ b/Django-5.1.7.checksum.txt
@ -0,0 +1,65 @@
 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA256
 This file contains MD5, SHA1, and SHA256 checksums for the source-code
 tarball and wheel files of Django 5.1.7, released March 6, 2025.
 To use this file, you will need a working install of PGP or other
 compatible public-key encryption software. You will also need to have
 the Django release manager's public key in your keyring. This key has
 the ID ``3955B19851EA96EF`` and can be imported from the MIT
 keyserver, for example, if using the open-source GNU Privacy Guard
 implementation of PGP:
    gpg --keyserver pgp.mit.edu --recv-key 3955B19851EA96EF
 or via the GitHub API:
    curl https://github.com/sarahboyce.gpg | gpg --import -
 Once the key is imported, verify this file:
    gpg --verify Django-5.1.7.checksum.txt
 Once you have verified this file, you can use normal MD5, SHA1, or SHA256
 checksumming applications to generate the checksums of the Django
 package and compare them to the checksums listed below.
 Release packages
 ================
 https://www.djangoproject.com/m/releases/5.1/Django-5.1.7-py3-none-any.whl
 https://www.djangoproject.com/m/releases/5.1/Django-5.1.7.tar.gz
 MD5 checksums
 =============
 bf291218572733211f4f41fab183d2e4  Django-5.1.7-py3-none-any.whl
 be16b25fb0dc357e756668078a400f95  Django-5.1.7.tar.gz
 SHA1 checksums
 ==============
 e5d18f470b91eb56f0a50ce1573348a69bc944d6  Django-5.1.7-py3-none-any.whl
 f17baedab00f847150a096d9593e532d3e840189  Django-5.1.7.tar.gz
 SHA256 checksums
 ================
 1323617cb624add820cb9611cdcc788312d250824f92ca6048fda8625514af2b  Django-5.1.7-py3-none-any.whl
 30de4ee43a98e5d3da36a9002f287ff400b43ca51791920bfb35f6917bfe041c  Django-5.1.7.tar.gz
 -----BEGIN PGP SIGNATURE-----
 iQHhBAEBCABLFiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmfJYWwtHDQyMjk2NTY2
 K3NhcmFoYm95Y2VAdXNlcnMubm9yZXBseS5naXRodWIuY29tAAoJEDlVsZhR6pbv
 xIcL/iwdZbuF3MOzTRNPNDo1P+MztLL2E7ralnLklcneDoEuNPx3iTyeOycBu5c5
 PWluzQIASnnnUsTnwm2yBka8ogqgdOh1jxXy+Kvfe15qfWA5UkkiMpjnAHY14/Uh
 9Ibb2wr44J3LU5Y1+7MQweq50M3dAjVGSnqxTO8zuW7LJsQGsVfgkhXgVd+/pgkx
 XR29jXZtBAX21yObIsjK6Rw52VGZYDfFcIZ13MjexlorR+F5sIZWnPPykMyxhIRE
 mn4V1ompDAywJyg6eFmPgpogiPU3WEu8zImDHPcw7DbTXTbMzwmdFrLzJQHpZqmn
 GD3FGC9Vp76o2b21sJrn1s7uw8/cfUp+NoCvIeYQc+SKuLDDtgKX0O9J1yWEi74H
 LFuWdSxXosLCpHP9hq6h8uNXesaMy0tbKEK9+PE718OmGapmZgFtXmDVCha235gM
 BE6hS+A4+ERH/9GAw3TgbAaf8NAT8Eere2Pmn7pjCOw9Nbtne9dEq91ytGJwYzod
 jl5+cA==
 =OdRx
 -----END PGP SIGNATURE-----
--- a/Django-5.1.7.tar.gz
+++ b/Django-5.1.7.tar.gz
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:30de4ee43a98e5d3da36a9002f287ff400b43ca51791920bfb35f6917bfe041c
 size 10716510
--- a/python-Django.changes
+++ b/python-Django.changes
@ -1,3 +1,65 @@
 -------------------------------------------------------------------
 Tue Mar 18 13:01:55 UTC 2025 - Markéta Machová <mmachova@suse.com>
 - Update to 5.1.7 (bsc#1239052)
  * CVE-2025-26699: Potential denial-of-service vulnerability in
    django.utils.text.wrap()
  * Fixed a bug in Django 5.1 where the {% querystring %} template tag 
    returned an empty string rather than "?"
  * Fixed a bug in Django 5.1 where FileSystemStorage, with allow_overwrite 
    set to True, did not truncate the overwritten file content
  * Fixed a regression in Django 5.1 where the count and exists methods of 
    ManyToManyField related managers would always return 0 and False when 
    the intermediary model back references used to_field
  * Fixed a regression in Django 5.1 where the pre_save and post_save signals 
    for LogEntry were not sent when deleting a single object in the admin
 -------------------------------------------------------------------
 Tue Feb 11 12:52:16 UTC 2025 - Markéta Machová <mmachova@suse.com>
 - Update to 5.1.6
  * Fixed a regression in Django 5.1.5 that caused validate_ipv6_address()
    and validate_ipv46_address() to crash when handling non-string values
  * Fixed a regression in Django 5.1 where password fields, despite being
    set to required=False, were still treated as required in forms derived
    from BaseUserCreationForm
 -------------------------------------------------------------------
 Wed Jan 15 07:53:44 UTC 2025 - Markéta Machová <mmachova@suse.com>
 - Update to 5.1.5 (bsc#1235856)
  * CVE-2024-56374: Potential denial-of-service vulnerability in 
    IPv6 validation
  * Fixed a crash when applying migrations with references to the 
    removed Meta.index_together option
 -------------------------------------------------------------------
 Mon Dec  9 09:13:02 UTC 2024 - Markéta Machová <mmachova@suse.com>
 - Update to 5.1.4 (bsc#1234231, CVE-2024-53908, bsc#1234232, CVE-2024-53907)
  * CVE-2024-53907: Potential denial-of-service in django.utils.html.strip_tags()
  * CVE-2024-53908: Potential SQL injection in HasKey(lhs, rhs) on Oracle
  * Fixed a crash in createsuperuser on Python 3.13+ caused by an unhandled OSError
  * Fixed a regression in Django 5.1 where relational fields were not updated
  * Fixed a bug in Django 5.1 where DomainNameValidator accepted any input value 
    that contained a valid domain name, rather than only input values that were 
    a valid domain name
  * Fixed a regression in Django 5.1 that prevented the use of DB-IP databases with GeoIP2
  * Fixed a regression in Django 5.1 where non-ASCII fieldset names were not displayed 
    when rendering admin fieldsets
 -------------------------------------------------------------------
 Thu Oct 17 10:16:22 UTC 2024 - Markéta Machová <mmachova@suse.com>
 - Update to 5.1.2
  * Fixed a regression in Django 5.1 that caused a crash when using 
    the PostgreSQL lookup trigram_similar on output fields from Concat
  * Fixed a regression in Django 5.1 that caused a crash of JSONObject() 
    when using server-side binding with PostgreSQL 16+
  * Fixed a regression in Django 5.1 that made selected items in 
    multi-select widgets indistinguishable from non-selected items in 
    the admin dark theme
 -------------------------------------------------------------------
 Wed Sep  4 07:21:54 UTC 2024 - Alberto Planas Dominguez <aplanas@suse.com>
--- a/python-Django.keyring
+++ b/python-Django.keyring
@ -87,4 +87,46 @@ mF4yM4XSBBno1mWgaSb42LInsYv/ti1VrOrBVzmAYAoUTZL0tfEXeyzHEmWGWVHe
 SQMBvCqUmh/EcQDzPtkqjQQ1LyE5s2fyt5u+jE9JdK/61yKzbKI2UbpPtAaKSlDv
 eAgTzM5bOOqtGR7VR2hlCM4I4k2D0Y/snh2HzA==
 =ul9f
-----END PGP PUBLIC KEY BLOCK-----
+-----END PGP PUBLIC KEY BLOCK-----
 -----BEGIN PGP PUBLIC KEY BLOCK-----
 mQGNBGYTwrUBDADP52ov7O0jqH+QWStcbCwwedsV2syCQXxfhnydhkNvdCILBJ0k
 cQdc4E7Q8wGmch9a3bCLR4HIUlv1MMWk+Ty0YY71wczqIPedgM1dBZEtSH6fDOwW
 qFcYieCcmsP+FwBk8WWOKnMydEXoXCp6djSru6YOuQH2CZ+EerKjnDaXAj35dloR
 vbJ14k7Ghn9UCLDXiNOjn2N8eLe6aeoEQt7iiqStdeFuUGR/pLHHEX4sch4y9uBa
 bhC/Ce93VWK8nVna7qWX/cIjZNG6rTo79W7+IiOC5+6r7bLff5qw4BgUX2JPm5Sz
 mhPUlsJZGGXPPaTo+WZQOe5P3Fw7RpuURa+MVoih2H/i2Ur51pDEngB64YwBU1mB
 a+xwm6GHgD28JUwllHJbUl9/UJTbntS7k/k2uuMkok8jHfYb+rqkfCWqOlmuYTG3
 okseReh2TSkGpWyyaSbCihgm80RE5O6jrEDXJiZOsLIuOlVoErfxEZHpOqw43axl
 EXX0VkjFz2IBNPMAEQEAAbROU2FyYWggQm95Y2UgKEdQRyBEamFuZ28gRmVsbG93
 KSA8NDIyOTY1NjYrc2FyYWhib3ljZUB1c2Vycy5ub3JlcGx5LmdpdGh1Yi5jb20+
 iQHOBBMBCAA4FiEE6xs4DYrFLQArrNMyOVWxmFHqlu8FAmYTwrUCGwMFCwkIBwIG
 FQoJCAsCBBYCAwECHgECF4AACgkQOVWxmFHqlu8t+wv9HitJmG5iPs45Qo0nGwGm
 j1X6rP6SQENl+jqtjZU6YaxvNqWculCFl0Wa/xODhxM9HNMs3qREc+R4SqPx4epu
 NaUERN91gZoO4Ms80uqllPzdCsX5hrFblg+LqqznZWAYi94NMTm3Ft4/+I7780ev
 BhxHFBTlqwxZ0eeyaB/qAyb6K9X0cUUFExjYrP3+HAgmrOHK9PUb7vNNKUYMerOK
 waFrpPP5oDBn0p2ZunYAcJt7o2DjBOwy5iw5I2Qs50ZLt9EU0DY8Rf5nF2mKNki1
 CAD8ksNo/ohrNuGyi0r2cvVfx52izPd6PxlKf7xfL2lW16nflK/lNbZtCioDA1FC
 1dCPGD5rvOUXFASc+FZY4tJ6LbIpzg9llgcb6fSi2joT2bm9BbGrHybrIWd3BF/5
 AnrlsSwDCWtYXkdNr/eNEHNgG+aOAH2vSzue3NbCJsXkK69SzlKKOiD2ZUjJ6tKi
 IwcTkotyBaX/FLGhTKLEQE7aztsOpnfJlLU9Zx5IPxJAuQGNBGYTwrUBDACp1f7H
 MpzHvAAy7dD1Ow0pgT3NBFFiEk4jKccz9sAHPT7QQbMeIdL5uQ80lNp6Sw+IyptW
 4cytl6ovRdRyv3XetSp+KJeaqvWvGkz3L+GUoE8ezxgQXLlVcw7IzkhBNMGi+K3C
 aK6ZlZZQG8587dLF9Gbz3Vioc9hyQ/4BOr8pPaAWlSfWQVEGHPSVLh7LToGjrLlS
 h1AzVABNXtJbAt/+O7H5mkMopoPKrqgHTzOLGCd0/Tq3z5d+wqVl7JKk6yHxRr5i
 SXDqPQPmObUhPH1addNzIe+GRVW1ZbbT6l9VDiC4Lj+BJsLafubMB3rlI2T2mQCU
 PTQO0fz5y6oW0HxRtTidoxhvmC72YDFBwvsUTPQ5nt8bcSQprJMLLNL1C5M2LjPu
 tf/Csl02Fcwe/RnW2yjeb6qNCDcLpM9wpMMOdZQCRdRIkWQTcLZPQ2+SR3Ih8rAb
 pzATjFvif/4zpFlDZ9KFevCqf1M2v32sr/dDgcA3nWJ4CFrBQMhBVTcr7rcAEQEA
 AYkBtgQYAQgAIBYhBOsbOA2KxS0AK6zTMjlVsZhR6pbvBQJmE8K1AhsMAAoJEDlV
 sZhR6pbvizgL/34++v0b080pCr/0rWspcuTtD91GwQPs0HgrrfMOV2BXoXucTXj7
 G4xFq9yYO8QALrrtz40S/NeGz09hhFHo08phLAYjLZt8xD7i0uXuV8ZouDUHT0bk
 334RlKHu9kq3si0lyzu1dkGZgIBXsAURrMOyVKVySZGzsa/dpy/EDardWkTKHedf
 07K+KQgomMpVGk4EtKHpfqU9VNN8fdYD4UYtwuegz1nsg28Fa8xkK2ammWncgpVj
 +4cJwzFPg11AhhTWs/Ec068ojj70cLD2CodJVAch9RTIOcQ5yKGc483u3bagNqTK
 qZYoLWI6NjxrNZQpwha3pO2ueBDOo/fZXUMgPPqyfdmBZvz6DQM85JfULALxKbkL
 5dQguy8K8SBcrCnv6iT0FjaWlrqnU0IJDZfi2r6eDlXhYjLSwGq8RHkAYXvsCNm8
 BzeRu0mAvjLkLNegQIvfdVXfYIcwUQQB8OAzoz3qzi8vji82MBQO+gkYrlteivoF
 z+gZLcBuv/NdNg==
 =B8gH
 -----END PGP PUBLIC KEY BLOCK-----
--- a/python-Django.spec
+++ b/python-Django.spec
@ -1,7 +1,7 @@
 #
 # spec file for package python-Django
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -16,14 +16,12 @@
 #
 %define skip_python2 1
 %define skip_python36 1
 # Selenium and memcached are not operational
 %bcond_with selenium
 %bcond_with memcached
 %{?sle15_python_module_pythons}
 Name:           python-Django
-Version:        5.1.1
+Version:        5.1.7
 Release:        0
 Summary:        A high-level Python Web framework
 License:        BSD-3-Clause
Author	SHA256	Message	Date
Ana Guerrero	86ddc9c8c4	Accepting request 1254138 from devel:languages:python:django OBS-URL: https://build.opensuse.org/request/show/1254138 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Django?expand=0&rev=127	2025-03-20 18:24:28 +00:00
Markéta Machová	9fb974a5c8	- Update to 5.1.7 (bsc#1239052) * CVE-2025-26699: Potential denial-of-service vulnerability in django.utils.text.wrap() * Fixed a bug in Django 5.1 where the {% querystring %} template tag returned an empty string rather than "?" * Fixed a bug in Django 5.1 where FileSystemStorage, with allow_overwrite set to True, did not truncate the overwritten file content * Fixed a regression in Django 5.1 where the count and exists methods of ManyToManyField related managers would always return 0 and False when the intermediary model back references used to_field * Fixed a regression in Django 5.1 where the pre_save and post_save signals for LogEntry were not sent when deleting a single object in the admin OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=189	2025-03-18 13:18:43 +00:00
Ana Guerrero	4cfbeac954	Accepting request 1245111 from devel:languages:python:django OBS-URL: https://build.opensuse.org/request/show/1245111 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Django?expand=0&rev=126	2025-02-11 20:20:19 +00:00
Markéta Machová	a5b485aaa4	- Update to 5.1.6 * Fixed a regression in Django 5.1.5 that caused validate_ipv6_address() and validate_ipv46_address() to crash when handling non-string values * Fixed a regression in Django 5.1 where password fields, despite being set to required=False, were still treated as required in forms derived from BaseUserCreationForm OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=187	2025-02-11 14:13:37 +00:00
Ana Guerrero	3cf5681960	Accepting request 1238033 from devel:languages:python:django OBS-URL: https://build.opensuse.org/request/show/1238033 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Django?expand=0&rev=125	2025-01-17 17:36:51 +00:00
Markéta Machová	b2d85302c5	- Update to 5.1.5 (bsc#1235856) * CVE-2024-56374: Potential denial-of-service vulnerability in IPv6 validation * Fixed a crash when applying migrations with references to the removed Meta.index_together option OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=185	2025-01-15 12:08:37 +00:00
Ana Guerrero	ed596b7283	Accepting request 1229315 from devel:languages:python:django OBS-URL: https://build.opensuse.org/request/show/1229315 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Django?expand=0&rev=124	2024-12-10 22:43:01 +00:00
Markéta Machová	cec361ba85	- Update to 5.1.4 (bsc#1234231, CVE-2024-53908, bsc#1234232, CVE-2024-53907) * CVE-2024-53907: Potential denial-of-service in django.utils.html.strip_tags() * CVE-2024-53908: Potential SQL injection in HasKey(lhs, rhs) on Oracle * Fixed a crash in createsuperuser on Python 3.13+ caused by an unhandled OSError * Fixed a regression in Django 5.1 where relational fields were not updated * Fixed a bug in Django 5.1 where DomainNameValidator accepted any input value that contained a valid domain name, rather than only input values that were a valid domain name * Fixed a regression in Django 5.1 that prevented the use of DB-IP databases with GeoIP2 * Fixed a regression in Django 5.1 where non-ASCII fieldset names were not displayed when rendering admin fieldsets OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=183	2024-12-09 11:00:19 +00:00
Ana Guerrero	f398fa39be	Accepting request 1208607 from devel:languages:python:django OBS-URL: https://build.opensuse.org/request/show/1208607 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Django?expand=0&rev=123	2024-10-18 13:52:54 +00:00
Markéta Machová	828c0a3f1e	- Update to 5.1.2 * Fixed a regression in Django 5.1 that caused a crash when using the PostgreSQL lookup trigram_similar on output fields from Concat * Fixed a regression in Django 5.1 that caused a crash of JSONObject() when using server-side binding with PostgreSQL 16+ * Fixed a regression in Django 5.1 that made selected items in multi-select widgets indistinguishable from non-selected items in the admin dark theme OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:django/python-Django?expand=0&rev=181	2024-10-17 10:32:45 +00:00